-
Notifications
You must be signed in to change notification settings - Fork 1
/
serverless-prod.yml
77 lines (72 loc) · 1.79 KB
/
serverless-prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
service: typer-app-mfe
frameworkVersion: "3"
useDotenv: true
plugins:
- serverless-s3-cleaner
custom:
serverless-s3-cleaner:
buckets:
- typer-app-mfe-prod
dotenv:
exclude:
- AWS_ACCESS_KEY_ID
- AWS_SECRET_ACCESS_KEY
- AWS_SESSION_TOKEN
required:
env:
- REGION
file: true
provider:
name: aws
stage: prod
region: ${env:REGION,"us-east-1"}
runtime: nodejs14.x
iam:
role:
name: typer-app-mfe-role-prod
statements:
- Effect: "Allow"
Action:
- "s3:Put*"
- "s3:Get*"
- "s3:List*"
- "s3:Delete*"
- "s3:GetBucketPolicy"
- "s3:PutBucketPolicy"
Resource:
- arn:aws:s3:::typer-app-mfe-prod/*
- arn:aws:s3:::typer-app-mfe-prod
resources:
Resources:
TyperAppMfeBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: typer-app-mfe-prod
WebsiteConfiguration:
IndexDocument: index.html
PublicAccessBlockConfiguration:
BlockPublicAcls: false
BlockPublicPolicy: false
IgnorePublicAcls: false
RestrictPublicBuckets: false
CorsConfiguration:
CorsRules:
- AllowedHeaders:
- "*"
AllowedMethods:
- GET
AllowedOrigins:
- "*"
TyperAppMfeBucketPolicy:
Type: AWS::S3::BucketPolicy
DependsOn: TyperAppMfeBucket
Properties:
Bucket: typer-app-mfe-prod
PolicyDocument:
Version: "2012-10-17"
Statement:
- Sid: PublicReadGetObject
Effect: Allow
Principal: "*"
Action: s3:GetObject
Resource: "arn:aws:s3:::typer-app-mfe-prod/*"